The latest Kaspersky Security Bulletin (KSB) revealed that a total of 31,887,231 internet-borne threats were tracked by Kaspersky Lab to be attacking its Filipino users. There are currently 76 million active internet users in the country.
The KSB is a periodical report with country-specific data released to present the threat overview of each country around the world. It is based on information obtained from the Kaspersky Security Network (KSN), one of the cybersecurity company’s main cloud systems that was created to discover new and unknown cyberthreats and ensure the quickest and most effective protection for its users. KSN automatically processes completely anonymous cyberthreat-related data received from millions of devices owned by Kaspersky Lab users who have voluntarily opted to join this system.
With 41.30% of users attacked by web threats in 2018, the country now lands in Kaspersky Lab’s global list of countries with the most web threats at 11th spot, climbing several notches up from its 30th ranking in 2017. Across Southeast Asia, the Philippines currently holds the record of having the highest number of online incidents followed by Vietnam (19th) and Indonesia (20th), respectively.
Of the attacks, 71.38% were attempted against individual users while 28.62% were aimed versus business users. It was found that cybercriminals used a number of malicious programs to infect Kaspersky Lab users in the Philippines, such as:
1. mobile malware (malicious code designed to target smartphones and tablets)
2. banking Trojans (a kind of malware that steals sensitive financial credentials such as for e-payment and online banking systems from victims, intercepting one-time passwords then sending the data back to the attackers behind the Trojan)
3. coin miner (program for generating or mining cryptocurrency)
4. adware (program designed to launch ads on infected computers and/or to redirect search engine results to promotional websites)
5. riskware (program that is legitimate in itself but can be potentially misused by cybercriminals and lately has been used as a controlling machine for malicious activities)
Attacks via browsers is still the primary method for spreading malicious programs, according to Kaspersky Lab. The popular techniques among cybercriminals to penetrate systems in the country include:
1. Drive-by download. This refers to the unintentional download of malicious code to a computer or mobile device that leaves the user open to a cyberattack. Infection in this type of attack takes place when visiting an infected website, which doesn’t rely on the user to do anything and without their knowledge to actively enable the attack. For example, you might get a link emailed to you or shared with you on a post on your social media — sources you trust — that are designed to entice you to click and open. Once the website is open, the drive-by download installs itself on your device.
2. Social engineering. This attack requires user participation where the user has to download a malicious file to her computer. This happens when cybercriminals make the victim believe she is downloading a legitimate program under the guise of a serious problem that needs immediate attention. Attacker may use anger, guilt and sadness to convince their victims. Many employees and consumers don’t realize that with only a few pieces of information like name, date of birth or address, hackers can gain access to multiple networks.
In the same report, it showed that malicious hosting incidents monitored and thwarted by Kaspersky Lab on devices of Filipino users jumped from 449,297 in 2017 to 2,026.076 in 2018 showing an upsurge of more than 300 percent in 12 months. This new data places the Philippines in 35th spot, or three levels higher than its ranking in 2017 of countries worldwide with the most number of such cases. Among six countries in the region, the Philippines ranks third after Singapore (8th) and Vietnam (26th), respectively.
REGIONAL STATS: Malicious Hosting Threats